A security analyst, while doing a security scan using packet c capture security tools, noticed large
volumes of data images of company products being exfiltrated to foreign IP addresses. Which of
the following is the FIRST step in responding to scan results?
A.
Incident identification
B.
Implement mitigation
C.
Chain of custody
D.
Capture system image
Explanation: